GRC Builder
Simplifying GRC Processes
Real-time transparency and segregation of duties (SoD) risks monitoring, with governance and effective control
Access and identity management
Automated SoD risk management and compensatory controls
Approval workflows tailored to your process, through parameterization
Cloud solution (SaaS model), with accelerated implementation
Compliance management: internal controls, auditing, security, SOx, CVM, IBGC, LGPD, GDPR, etc.
ACCESS AND IDENTITY MANAGEMENT
About Porttus
Porttus Compliance Solutions has been recognized by its specilized solutions for Governance, Risks and Compliance (GRC).
Our vision is to provide the best class GRC solution platform on cloud (SaaS architecture) and our solution GRC Builder enable our customers to implement a single and integrated governance for access and identity management, either for their ERP systems or for their own legacy systems.
Our mission is to connect our platform with the most important ERP systems on the market (SAP, TOTVS, Microsoft, Oracle, Philips TASY and others), and keep the commitment to develop connectors for the legacy systems of our customers. This way we enable our clients to carry out comprehensive and effective GRC governance of all their corporate systems.
40,000+ Monitored Users
GRC Builder is connected with several ERP systems from our customers sites, to keep these systems preventively monitored for risks of segregation of duties.
Satisfaction Guaranteed
GRC Builder help our customers to keep compliance with SOx, CVM and also adopt the best GRC practices.
What we do
A best class GRC platform on cloud to track, identify, control, monitor, eliminate and prevent SoD risks and use of critical transactions (dangerous, restricted, personal data risks, etc.) granted to business users.
As a cloud architecture (SaaS) solution, GRC Builder can be used for:
- Analytical and continuous monitoring tool
- Preventive control of SoDs or SAT risks
- Access and identity management
- Detecting security threats in ERP
- Supporting audit reviews establishing compliance processes and Internal controls for: SOx, CVM, IBGC, COSO, LGPD, GDPR, etc.
Why GRC Builder?
GRC Builder Platform – SaaS
Main Functionalities and features
ARM
Access Risk Management
Solution for access management, SoD/SAT risk monitoring and automatic provisioning.
Integration with the main ERP systems in the market and with MSAD – Active Directory.
USER PORTAL
- Additional Access Requests
- Access for another user
- Reference users access
- Emergency Access (firefighter)
- Status of my requests
ACCESS MANAGEMENT
- Request governance
- Email notifications
- Flow steps with approvers
- Approval traceability
- Automatic provisioning
SOD RISK ANALYSIS
- Preventive risk analysis:
- SoD Risks
- SAT Risks
- Org. Level Risks
- Cross-Systems Risks
COMPENSATORY CONTROLS
- Preventive risk mitigation
- Responsible for control
- Control gates
- Notification of accountable team
- Control Effectiveness
SIMULATIONS
- Profile assignment
- Impact on risks
- Grouping of profiles
- Multiple profiles and users
- Varied scenarios
PERIODIC REVIEWS
- Privileges Review
- Review campaigns
- Target of review
- Campaign scope
- Period and responsible
CONFIGURABLE WORKLOWS
- Parameterization of scenarios
- Navigation by wizard
- Decision rules
- User-level customization
- Ready for mobile devices
CONTINUOUS COMPLIANCE
- IPE Report (External Audit)
- Dashboards and monitoring
- Historical analysis
- Audit logs
- KPIs and heat map
IAM
Identity and Access Management
Integrated solution for access and identity management (embedded in ARM module), for analysis and monitoring of SoD/SAT risks, in addition to automatic provisioning. Integration with the main ERP systems in the market and with MSAD – Active Directory.
SIMULATIONS
- Profile assignment
- Impact on risks
- Grouping of profiles
- Multiple profiles and users
- Varied scenarios
ADMINISTRATOR’S PORTAL
- Revoke access
- Create user
- Block user
- Unlock User
- Delete user
CONFIGURABLE WORKLOWS
- Parameterization of scenarios
- Navigation by wizard
- Decision rules
- User-level customization
- Ready for mobile devices
CONTINUOUS COMPLIANCE
- IPE Report (External Audit)
- Dashboards and monitoring
- Historical analysis
- Audit logs
- KPIs and heat map
UPM
User Password Manager
Self-service solution for systems passwords reset and user unlock, with double factor authentication option, allowing the user to synchronize all passwords with connected systems.
PASSWORD RESET / USER UNLOCK
- Interface for requesting password reset and user unlock through step-by-step wizard. Note: This feature allows you to synchronize all user passwords
FORGOT MY PASSWORD
- Password reset or user unlock functionality with 2-factor authentication for added security.
2ND AUTHENTICATION FACTOR AND CHALLENGING QUESTIONS
- Functionality that stores user questions and answers for self-service password reset.
2ND AUTHENTICATION FACTOR (ONE-TIME PASSWORD)
- OTP (On-time password) functionality via SMS notification to speed up password reset and incorporate greater security.
WINDOWS PASSWORD RESET / ACCOUNT UNLOCK APP
- Windows application that allows password reset / account unlock via CTRL+ALT+DEL in Windows interface.
BTM
Business Threat Detection
Solution for monitoring and managing business threat indicators related to cyber security and auditing rules in monitored systems.
MONITORING OF THREATS TO THE BUSINESS
- Tool that allows you to create rules for mapping threats and security vulnerabilities of monitored systems
MONITORING RULES
- Interface allows the definition and creation of business rules for preventive monitoring of security threats to the business.
MANAGEMENT OF INDICATORS
- Functionality allows management of indicators by type of risk, criticality and by regulation.
OUT-OF-BOX CONNECTORS
- Ready-to-use connectors and indicator repository for SAP ERP and Microsoft Active Directory (AD) systems.
MONITORING DASHBOARD
- Various reports and dashboards for online monitoring of risks and security indicators of connected systems.
Really easy and intuitive user experience (UX)
Main features and user interfaces
Flexible licensing options that fit your budget and meet your business requirements
We offer the best price per monitored user
MAIN BENEFITS
- Environment available for deployment in less than 1 week
- Accelerated deployment in a few weeks
- Risk and Control Templates and Benchmarks to Accelerate Adoption
- Application sharing with other companies, but with total segregation of data and settings
MAIN BENEFITS
- Environment available for deployment in less than 1 week
- Accelerated deployment in a few weeks
- Risk and Control Templates and Benchmarks to Accelerate Adoption
- Environment dedicated to the company, however enjoying sharing and gaining scale of operating services with other customers
MAIN BENEFITS
- Environment available for deployment in less than 1 week
- Accelerated deployment in a few weeks
- Risk and Control Templates and Benchmarks to Accelerate Adoption
- Offer tailored to your company’s specific needs
- Specific pricing according to your organization’s requirements
Contact us and discover how simple, fast and low-cost it is to implement a GRC solution in your company!
Do you want work with us?
Register your resume and join our team
If you identify with us and want to be part of our team, send your resume to our talent pool.
Follow us on social networks and stay up to date with our publications
See the contents we’ve prepared for you
Segregation of Duties (SoD): the key to success
If your company has already been audited, you know the importance of managing access to corporate systems, especially when it involves critical systems or those subject to audit, such as SAP S/4HANA, SAP ECC, SAP HCM, TOTVS Protheus, TOTVS Datasul, TOTVS PIMs,...
Somos a 1ª empresa no Brasil a oferecer GRC- Access Risk Management voltados exclusivamente para clientes SAP (In portuguese)
VOCÊ CONHECE AS VULNERABILIDADES DOS SEUS SISTEMAS ERPs? (in portuguese)
Sua Organização consegue monitorar, detectar e evitar conflitos de interesse e possíveis fraudes em todos os sistemas de informação (ERPs, CRMs, Legados, etc)? Você não gostaria que alguém da equipe de vendas pudesse calcular e registrar suas próprias comissões ou...
Proteção de dados pessoais – seus desafios e benefícios (in portuguese)
O ano de 2018 foi marcante para o mundo dos negócios com o início do regulamento geral de proteção de dados pessoais (General Data Protection Regulation) da União Europeia em maio de 2018. Não era algo novo para as organizações europeias, pois tiveram dois anos para...
Contact us!
Send your message
Address
R. Hilda Del Nero Bisquolo, 102, Ed. The ONE – Sala 1116 – Jardim Florida, Jundiaí – SP, Brazil 13208-703
Telephone
+55 (11) 2500-1646